Question No: 191 – (Topic 2)

An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC.

Which of the following activities MUST be mandated to ensure code quality from a security perspective? (Select TWO).

Static and dynamic analysis is run as part of integration

Security standards and training are performed as part of the project

Daily stand-up meetings are held to ensure security requirements are understood

For each major iteration penetration testing is performed

Security requirements are story boarded and make it into the build

A security design is performed at the end of the requirements phase

Answer: A,D

Question No: 192 – (Topic 2)

ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?

Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).

Organize VM hosts into containers based on security zone and restrict access using an ACL.

Require multi-factor authentication when accessing the console at the physical VM host.

Answer: C

Question No: 193 – (Topic 2)

The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?

Conduct a bit level image, including RAM, of one or more of the Linux servers.

Answer: E

Question No: 194 – (Topic 2)

A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?

Install GSM tracking on each product for end-to-end delivery visibility.

Implement geo-fencing to track products.

Require drivers to geo-tag documentation at each delivery location.

Equip each truck with an RFID tag for location services.

Answer: B

Question No: 195 – (Topic 2)

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which of the following is the BEST time to make them address security issues in the project?

In the middle of the project

At the end of the project

At the inception of the project

At the time they request

Answer: C

Question No: 196 – (Topic 2)

A facilities manager has observed varying electric use on the company’s metered service lines. The facility management rarely interacts with the IT department unless new equipment is being delivered. However, the facility manager thinks that there is a correlation between spikes in electric use and IT department activity. Which of the following business processes and/or practices would provide better management of organizational resources with the IT department’s needs? (Select TWO).

Deploying a radio frequency identification tagging asset management system

Designing a business resource monitoring system

Hiring a property custodian

Purchasing software asset management software

Facility management participation on a change control board

Rewriting the change board charter

Implementation of change management best practices

Answer: E,G

Question No: 197 – (Topic 2)

A company has decided to change its current business direction and refocus on core business. Consequently, several company sub-businesses are in the process of being sold off. A security consultant has been engaged to advise on residual information security concerns with a de-merger. From a high-level perspective, which of the following BEST provides the procedure that the consultant should follow?

Perform a penetration test for the current state of the company. Perform another penetration test after the de-merger. Identify the gaps between the two tests.

Duplicate security-based assets should be sold off for commercial gain to ensure that the security posture of the company does not decline.

Explain that security consultants are not trained to offer advice on company acquisitions or demergers. This needs to be handled by legal representatives well versed in corporate law.

Identify the current state from a security viewpoint. Based on the demerger, assess what the security gaps will be from a physical, technical, DR, and policy/awareness perspective.

Answer: D

Question No: 198 – (Topic 2)

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation.

Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.

Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.

Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.

Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

Answer: A

Question No: 199 – (Topic 2)

A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of performance and functionality to the branch office as it provides to the main campus. The company uses Active Directory for its directory service and host configuration management. The branch location does not have a datacenter, and the physical security posture of the building is weak. Which of the following designs is MOST appropriate for this scenario?

Deploy a branch location Read-Only Domain Controller in the DMZ at the main campus with a two-way trust.

Deploy a corporate Read-Only Domain Controller to the branch location.

Deploy a corporate Domain Controller in the DMZ at the main campus.

Deploy a branch location Read-Only Domain Controller to the branch office location with a one-way trust.

Deploy a corporate Domain Controller to the branch location.

Deploy a branch location Domain Controller to the branch location with a one-way trust.

Answer: B

Question No: 200 – (Topic 2)

An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).